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Abstract. We study (bi)simulation-like preorder/equivalence checking on visibly push- 
down automata, visibly BPA (Basic Process Algebra) and visibly one-counter automata. 
We describe generic methods for proving complexity upper and lower bounds for a number 
of studied preorders and equivalences like simulation, completed simulation, ready simula- 
tion, 2-nested simulation preorders/equivalences and bisimulation equivalence. Our main 
results are that all the mentioned equivalences and preorders are EXPTIME-complete 
on visibly pushdown automata, PSPACE-complete on visibly one-counter automata and 
P-complete on visibly BPA. Our PSPACE lower bound for visibly one-counter automata 
improves also the previously known DP-hardness results for ordinary one-counter automata 
and one-counter nets. Finally, we study regularity checking problems for visibly pushdown 
automata and show that they can be decided in polynomial time. 



1. Introduction 

Visibly pushdown languages were introduced by Alur and Madhusudan in [AM04] as a 
subclass of context-free languages suitable for formal program analysis, yet tractable and 
with nice closure properties like the class of regular languages. Visibly pushdown languages 
are recognized by visibly pushdown automata whose stack behaviour is determined by the 
input symbol. If the symbol belongs to the category of call actions then the automaton 
must push, if it belongs to return actions then the automaton must pop, otherwise (for 
the internal actions) it may not change the stack height. In [AM04] it is shown that the 
class of visibly pushdown languages is closed under intersection, union, complementation, 
renaming, concatenation and Kleene star. A number of decision problems like universal- 
ity, language equivalence and language inclusion, which are undecidable for context-free 
languages, become EXPTIME-complete for visibly pushdown languages. 

Recently, visibly pushdown languages have been intensively studied and applied to e.g. 
program analysis [AEM04J , XML processing [Pit05] and the language theory of this class has 
been further investigated in [AKMV05, BLS06j. Researches also studied visibly pushdown 
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games [LMS04]. Some recent results show, for example, the application of a variant of visibly 
pushdown automata for proving decidability of contextual equivalence (and other problems) 
for the third-order fragment of Idealized Algol |MW05j . Several strict extensions of visibly 
pushdown automata, which still preserve some of their pleasing language properties, have 
been introduced in [Cau061 IFPOH [NS07]. Note that the extension introduced in |FP01] 
does not use the terminology of visibly pushdown automata, while it still employs similar 
ideas. 

In this article we study visibly pushdown automata from a different perspective. Rather 
than as language acceptors, we consider visibly pushdown automata as devices that gener- 
ate infinite state labelled graphs and we study the questions of decidability of behavioral 
equivalences and preorders on this class. Such questions were previously intensively studied 
on different classes of infinite state systems, motivated by the equivalence checking approach 
where a given implementation and specification of a system are compared with respect to 
a suitable notion of behavioural equivalence or preorder. For example, in the class of tran- 
sition systems generated by ordinary pushdown automata, strong bisimilarity is known to 
be decidable [Sen98j (see also |SenOH ISen021 IStiOl j ) , but no reasonable complexity upper 
bound is presently known and e.g. the simulation preorder/equivalence on the same class is 
already undecidable [GH94]. Our main motivation was to investigate whether the picture 
changes if we restrict the studied class of systems to visibly pushdown automata, which 
are still interesting from the modelling point of view but might provide more satisfactory 
decidability /complexity results. Indeed, our findings confirm the decidability and more 
reasonable complexity bounds for a number of verification problems on visibly pushdown 
automata and their natural subclasses. 

We prove EXPTIME-containment of equivalence checking on visibly pushdown au- 
tomata (vPDA) for practically all preorders and equivalences between simulation preorder 
and bisimulation equivalence that have been studied in the literature (our focus includes 
simulation, completed simulation, ready simulation, 2-nested simulation and bisimulation). 
We then study two natural (and incomparable) subclasses of visibly pushdown automata: 
visibly basic process algebra (vBPA) and visibly one-counter automata (vlCA). In case of 
vlCA we demonstrate PSPACE-containment of the preorder/equivalence checking problems 
and in case of vBPA even P-containment. For vBPA we provide also a direct reduction of 
the studied problems to equivalence checking on finite state systems, hence the fast algo- 
rithms already developed for systems with finitely many reachable states can be directly 
reused. All the mentioned upper bounds are matched by the corresponding lower bounds. 
The PSPACE-hardness proof for vlCA moreover improves the currently known DP lower 
bounds [JKMS04J for equivalence checking problems on ordinary one-counter automata and 
one-counter nets and some other problems (see Remark 13. 8p . Finally, we consider the reg- 
ularity checking problem for visibly pushdown automata and show its P-completeness for 
vPDA and vBPA, and NL-completeness for vlCA w.r.t. all equivalences between trace 
equivalence and bisimilarity. 

Related work. The main reason why many problems for visibly pushdown languages 
become tractable is, as observed in [AM04], that a pair of visibly pushdown automata 
can be synchronized in a similar fashion as finite state automata. We use this idea to 
construct, for a given pair of vPDA processes, a single pushdown automaton where we in a 
particular way encode the behaviour of both input processes so that they can alternate in 
performing their moves. This is done in such a way that the question of equality of the input 
processes w.r.t. a given equivalence/preorder can be tested by asking about the validity of 
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particular modal /x-calculus formulae on the single pushdown process. A similar result of 
reducing weak simulation between a pushdown process and a finite state process (and vice 
versa) to the model checking problem appeared in [KM02aj . We generalize these ideas to 
cover equivalences/preorders between two visibly pushdown processes and provide a generic 
proof for all the equivalence checking problems. The technical details of our construction 
are different from [KM02aj and, in particular, our construction works immediately also for 
vBPA (as the necessary bookkeeping is stored in the stack alphabet). As a result we thus 
show how to handle essentially any so far studied equivalence/preorder between simulation 
and bisimulation in a uniform way for vPDA, vBPA as well as for vlCA. 

Regularity problems for deterministic pushdown automata were studied in [Ste67j and 
[Val75j where a double-exponential algorithm for deciding regularity w.r.t. language equiva- 
lence is given. This decidability result holds also for our class of visibly pushdown automata 
(because it is determinizable) but in our particular case we improve the result in two ways: 
(i) we provide a general algorithm for regularity checking w.r.t any equivalence between 
trace equivalence and bisimilarity, and (ii) our algorithm is running in polynomial time 
(and does not require determinization, which is an expensive operation). 

In [BLS06] the authors consider language regularity problems for visibly pushdown 
automata. In particular, they study the question whether a visibly pushdown automaton is 
language equivalent to a visibly counter automaton with a given threshold. In our work we 
study the regularity problems in the context of the standard definitions from the concurrency 
theory, i.e., whether for a given vPDA process there is a behaviorally equivalent finite state 
system, and we consider a wide range of behavioural equivalences, not only the language 
equivalence. 

The plan of the article is as follows. We introduce the class of visibly pushdown au- 
tomata, a range of behavioral equivalences, and equivalence checking problems in Section [2j 
The decidability and complexity of equivalence checking of visibly pushdown automata and 
their subclasses is studied in Section [3j Regularity checking problems for the considered 
classes are introduced and proved decidable in polynomial time in Section HI A summary 
of the results and a further discussion is presented in Section [U 

2. Definitions 

A labelled transition system (LTS) is a triple (S, Act, — ►) where S is the set of states 
(or processes), Act is the set of labels (or actions), and — >C S x Act x S is the transition 
relation; for each a G Act, we view — —> as a binary relation on S where s s' iff 
(s,o, s') E — ►. The notation can be naturally extended to s — * s' for finite sequences 
of actions w G Act*. For a process s G S we define the set of its initial actions by 

1(a) = {a E Act \ 3s f £ S. s -—> s'}. 

We shall now define the studied equivalences/preorders which are between simulation 
and bisimilarity. A complete picture of Glabbeek's linear /branching time hierarchy (spec- 
trum) of behavioral equivalences is available in [vG90a, vG90b]. Given (S, Act, — >), a 
binary relation R C S x S is a 

• simulation iff for each (s,t) G R, a G Act, and s' such that s — — > s' there is t 1 such that 
t if and (s', t') G R, 

• completed simulation iff R is a simulation and moreover for each (s, t) G R it holds that 
I(s) = if and only if I(t) = 0, 
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bisimulation 



2-nested simulation 



ready simulation 



completed simulation 



simulation 

Figure 1: Hierarchy of simulation-like preorders/equivalences 

• ready simulation iff R is a simulation and moreover for each (s, t) € R it holds that 
I(s) = I(t), 

• 2-nested simulation iff R is a simulation and there is some simulation relation R' such 
that R' 1 QR', and 

• bisimulation iff i? is a simulation and moreover R -1 = R. 

We write s Q s t if there is a simulation i? such that (s, t) £ R, s Q cs t if there is a 
completed simulation R such that £ R, s C rs i if there is a ready simulation .R such 
that (s,t) E R, s Q2s t if there is a 2-nested simulation R such that (s, t) G -R, s ~ t if there 
is a bisimulation R such that (s, t) E i?. The relations are called the corresponding preorders 
(except for bisimilarity, which is already an equivalence). For a preorder C € Ecs ; Qrs, 
E2s} we define the corresponding equivalence by s = t iff s C £ and tCs. We remind the 
reader of the fact that ~ C IZ 2s C IZ rs C IZ CS C C s and ~ C = 2s C = rs C = cs C = s and 
all inclusions are strict. The hierarchy is depicted in Figured! 

We shall use a standard game-theoretic characterization of (bi) similarity |Tho93[fSti95j . 
A bisimulation game on a pair of processes (si,ti) is a two-player game between Attacker 
and Defender. The game is played in rounds on pairs of states from S x S. In each round 
the players change the current pair of states (s,t) (initially s = s± and t = ti) according to 
the following rule: 

(1) Attacker chooses either s or t, a G Act and performs a move s — — > s' or i — % t'. 

(2) Defender responds by choosing the opposite process (either i or s) and performs a move 
t — t' or s — —> s' under the same action a. 

(3) The pair (s', t') becomes the (new) current pair of states. 

A play (of the bisimulation game) is a sequence of pairs of processes formed by the players 
according to the rules mentioned above. A play is finite iff one of the players gets stuck 
(cannot make a move); the player who got stuck lost the play and the other player is the 
winner. If the play is infinite then Defender is the winner. 
We use the following standard fact. 
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Proposition 2.1. It holds that s ~ t iff Defender has a winning strategy in the bisimulation 
game starting with the pair (s,t), and s ^ t iff Attacker has a winning strategy in the 
corresponding game. 

The rules of the bisimulation game can be easily modified in order to capture the other 
equivalences / pr eor der s . 

• In the simulation preorder game, Attacker is restricted to attack only from the (left-hand 
side) process s. In the simulation equivalence game, Attacker can first choose a side 
(either s or t) but after that he is not allowed to change the side any more. 

• Completed/ready simulation game has the same rules as the simulation game but Defender 
is moreover losing in any configuration which breaks the extra condition imposed by 
the definition (i.e. s and t should have the same set of initial actions in case of ready 
simulation, and their sets of initial actions should be both empty at the same time in case 
of completed simulation). 

• In the 2-nested simulation preorder game, Attacker starts playing from the left-hand side 
process s and at most once during the play he is allowed to switch sides (the soundness 
follows from the characterization provided in [AFI01] ). In the 2-nested simulation equiv- 
alence game, Attacker can initially choose any side but he is still restricted that he can 
change sides at most once during the play. 

We shall now define the model of pushdown automata. Let Act be a finite set of actions, 
let r be a finite set of stack symbols and let Q be a finite set of control states. We assume 
that the sets Act, T and Q are pairwise disjoint. A pushdown automaton (PDA) over the 
set of actions Act, stack alphabet T and control states Q is a finite set A of rules of the 
form pX —> qa where p,q € Q, a G Act, l£T and a & T*. 

A PDA A determines a labelled transition system T(A) = (S, Act, — >) where the 
states are configurations of the form state x stack (i.e. S = Q x T* and configurations like 
{p, a) are usually written as pa where the top of the stack a is by agreement on the left) 
and the transition relation is determined by the following prefix rewriting rule. 

(pX qa) € A, 7 € r* 
pXj —> qa^i 

In what follows we shall often call the configurations pX as (pushdown) processes and 
omit the reference to the corresponding pushdown automaton and its underlying labelled 
transition system whenever it is clear from the context. 

A pushdown automaton is called single-state if the set of its control states is a singleton 
set (\Q\ = 1). In this case we usually omit the control state from the rules and configurations 
and we call such automata as BPA for Basic Process Algebra, which is another standard 
terminology. 

A pushdown automaton is called 1CA for one-counter automaton if the stack alphabet 
consists of two symbols only, T = {I, Z}, and every rule is of the form pi qa or 
pZ qaZ, where a 6 {/}*. This means that every configuration reachable from pZ is 
of the form pI n Z where I n stands for a sequence of n symbols / and Z corresponds to the 
bottom of the stack (the value zero). We shall simply denote such a configuration by p(n) 
and say that it represents the counter value n. 

Assume that Act = Act c U Act r U Acti is partitioned into a disjoint union of finite sets 
of call, return and internal actions, respectively. A visibly pushdown automaton (vPDA) 
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is a PDA which satisfies additional three requirements for any rule pX — ► qa (where |or| 
stands for the length of a): 

• if a € Act c then \a\ = 2 (call), 

• if a G Act r then \a\ = (return), and 

• if a E Actj then |a| = 1 (internal). 

Hence in vPDA the type of the input action determines the change in the height of the 
stack (call by +1, return by —1, internal by 0). 

Visibly basic process algebra (vBPA) and visibly one-counter automata (vlCA) are 
defined analogously. 

Remark 2.2. For internal actions we allow to modify also the top of the stack. This 
model (for vPDA) can be easily seen to be equivalent to the standard one (as introduced 
in [AM04J) where the top of the stack does not change under internal actions. However, 
when we consider the subclass vBPA, the possibility of changing the top of the stack under 
internal actions increases the descriptive power of the formalism. Unlike in [AM04| . we do 
not allow to perform return actions on the empty stack. This mild restriction is essential for 
our results on regularity checking in Section O but the results about equivalence checking 
in Section [3] are valid even without this restriction. 

Example 2.3. Consider the vPDA rules pX — pXY, pX — pe, pY -—* pe where 
a G Act c and b, c G Act r . The transition system generated by the root pX looks as follows. 

pX pXY - »- pXYY - — ^ pXYYY » 



b b b b 



pe < pY i pYY ^ pYYY < 

The vPDA process pX (which is in fact also a vBPA process) generates an infinite state 
transition system, which is not trace equivalent (and hence also not bisimilar) to any finite 
state system. Hence the class of visibly pushdown processes and visibly BPA processes 
strictly contains all finite state processes. 

The question we are interested in is: given a vPDA and two of its initial processes pX 
and qY, can we algorithmically decide whether pX and qY are related with respect to a 
given preorder /equivalence and if yes, what is the complexity? Similar questions can be 
asked for vBPA and vlCA. 

Remark 2.4. Note that the problem of equivalence checking of two processes belonging 
to different visibly pushdown automata (under the same partitioning of actions) is also 
covered by the definition of the problem above. We can always consider only a single vPDA 
by making a disjoint union of the respective pushdown automata. 
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3. Decidability of Preorder/Equivalence Checking 

3.1. Visibly Pushdown Automata. We shall now study preorder /equivalence checking 
problems on visibly pushdown automata. We prove their decidability by reducing the 
problems to model checking of an ordinary pushdown system against a /i-calculus formula. 
Let A be a vPDA over the set of actions Act = Act c L)Act r L) Acti, stack alphabet T and 

control states Q. We shall construct a PDA A' over the actions Act' == Act U Act U {£, r} 

where Act d = {a | a G Act}, stack alphabet V d = GxG where G d = TU (T x T) U (r x Act) U 

{e}, and control states Q' d = Q x Q. For notational convenience, elements (X, a) G T x Act 
will be written simply as X a . 

The idea is that for a given pair of vPDA processes we shall construct a single PDA 
process which simulates the behaviour of both vPDA processes by repeatedly performing 
a move in one of the processes, immediately followed by a move under the same action in 
the other process. The actions £ and r make it visible, whether the move is performed on 
the left-hand side or right-hand side. The assumption that the given processes are vPDA 
ensures that their stacks are kept synchronized. 

We shall define a partial mapping [ . , . ] : T* x T* — > {V x T)* inductively as follows 
(I.FeT and a, (3 G T* such that |a| = \/3\): 

[Xa,Y(3] d M (X,Y)[a,0\ 

r i def 

[e,e] = e . 

The mapping provides the possibility to merge stacks. 

Assume a given pair of vPDA processes pX and qY. Our aim is to effectively construct 
a new PDA system A' such that for every tx G {C s , = s , \Z CS , = cs , C rs , = rs , C 2s , =2 S , ~} it is 
the case that pX ix qY in A if and only if (p,q)(X,Y) \= M in A' for a fixed //-calculus 
formula 0^. We refer the reader to [Koz83] for the introduction to the modal /i-calculus. 

The set of PDA rules A' is defined as follows. Whenever (pX — qa) £ A then the 
following rules belong to A': 

(1) (p,p')(X,X') (q,p')(a,X' a ) for every p> G Q and X' G T, 

(2) {p',p)(X', X) (p', q)(X' a , a) for every p' E Q and X' 6 T, 

(3) X ) (p', <?)[/?, a] for every p> E Q and (3 G T U (r x T) U {e}, 

(4) (p,j/)(X a ,/9) for every p> G Q and /3 G T U (r x T) U {e}, 

(5) (P 5 P')(^^') for ever y P'e<3 and X' G T, and 

(6) (p',p)(X', X) (p',p)(A', A) for every p f e Q and A' G T. 

From a configuration (p, q)[a,(3] the rules of the form 1. and 2. select either the left- 
hand or right-hand side and perform some transition in the selected process. The next 
possible transition (by rules 3. and 4.) is only from the opposite side of the configuration 
than in the previous step. Symbols of the form X a where X G T and a G Act are used to 
make sure that the transitions in these two steps are due to pushdown rules under the same 
label a. Note that in the rules 3. and 4. it is thus guaranteed that |a| = \(3\. Finally, the 
rules 5. and 6. introduce a number of self-loops in order to make visible the initial actions 
of the processes. Actions currently available in the left-hand side process are visible as the 
actions from the set Act, while the actions in the right-hand side process are made visible 
as the actions from the set Act. 
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Example 3.1. Consider the vPDA rules: pX — ► qXY, rY — > sYY, rY — > r where 
a G Act c and b G Act r . The transition system generated (in A') by the root (p,r)(X,Y) 
looks as follows. 

a,a,b 





ip,r){X,Y) 




(q,r)(XY,Y a ) (p,s)(X a ,YY) (p,r)(X b ,e) 




(q,s)(X,Y)(Y,Y) 

Note that the configuration (p,r)(Xb,e) is stuck because there is no fr-labelled transition 
from the state pX. 

Lemma 3.2. Let A be a vPDA system over the set of actions Act and pX , qY two of its 
processes. Let (p, q)(X,Y) be a process in the system A' constructed above. Let 
. ^ s =uZ.[£]{r)Z, 

• <f> =s =cf>r s A(uZ.[r}(£)Z), 

• </t cs = uZ.([£](r)Z A ((Act)tt <^ (Act)tt)), 

• 0= cs = ^c cs A vZ.([r]{£)Z A {{Act)tt e> (Ac~t)tt)) , 

• <j) Qrs = vZ.([£](r)Z A A ((a)tt^(a)tt)), 

aeAct 

• cP =rs = <f>r rs A uZ.([r](£)Z A A «<*)** & <a)tt)), 

aeAct 

. fe j E,Z.([f](r)ZAK.[ r ](<)2')) ) 

• <P=2s = <j>r 2s AvZ.([r](£)Z A(vZ'.[£](r)Z')), and 

• <j>„ = vZ.[e,r](e,r)Z. 

For every x G {Q s , =s, Qcs, =csi Qrs, =rs, E2s, =2si ~} it holds that pX x i/ and onfo/ i/ 

(p, g )(x,y) h^m- 

Proof. We shall argue only for the case of bisimulation. Proofs for the other cases are 
similar. The formula (j)^ requires that for every action £ or r there must follow at least 
one of the actions £ or r such that the same property holds again. Note that (due to the 
construction of A'), if the first action was £ then necessarily the second one must be r and 
vice versa. Finally, cf)^ is chosen as the greatest fixed point. The reason is that it should 
satisfy also infinite runs (which have the above mentioned property) as they are winning 
for Defender. In what follows we describe formally the above mentioned intuition. A reader 
familiar with recursive formulae of ^-calculus may skip the rest of the proof. 

"=>": We show that pa ~ q(3 implies that (p,q)[a,/3] \= vZ.[£,r](£,r)Z. We prove that 

def 

the set F = {(p, q)[a, 0] | pa q(3 /\\a\ = |/3|} is a fixed point of the function corresponding 
to our formula. This amounts to checking (without loss of generality as the other case is 
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symmetric) that for every (p,q)[a,/3) G F and for every £-move (p,q)[a,/3] — > c for some 
configuration c of A', there is an r-move c — ► (p 1 , q')[a' , j3'\ such that (p' , q')[a', 0\ G F. 
As vZ.[£, r]{£, r)Z is the greatest fixed point, this will establish our claim. We remind the 
reader of the fact that there are no ^-transitions enabled from the configuration c. 

Let (p,q)[a,/3] G F and let (p,q)[a,/3\ — — > (p', q)(a', Y a )[y, 5] due to some rule (pX 
p'a') G A where a = A 7 and j3 = Y5. This means that pa = pX^f — p'a'j and because 
pa ~ q/3 we have that q/3 = qY5 —> q'/3'5 due to some rule (qY —> q / (3') G A such 

that pV 7 ~ q'(3'S. Hence (p', q)(a' , F a )[ 7 , «5] -A (p', </) W][7, <*] = (p', </)[a'7, /^] and 
(p 7 , g')[a'7, G F as required. 

"-<=": We prove that (p,q)[a,(3] \= uZ.[£,r]{£,r)Z implies that pa ~ q/3. To do so we 

define a binary relation R = {(pa, q/3) \ (p,q)[a,/3\ \= uZ.[£,r]{£,r)Z A \a\ = \(3\} and show 
that R is a bisimulation. Let (pa, q/3) G R and let us without loss of generality (the other 
case is completely symmetric) assume that pa — ► p'a' due to some rule (pX — ► p'a") G A. 
Hence a = X7 and a' = a" 7 for some 7 G T*. We aim to show that also q/3 — — > q'/3' such 
that (p',g')[a',/3'] |= vZ.[£,r]{e,r)Z and thus (p'a',q'/3') G The fact that pa p'a' 

means that in A' we have a transition (p, g)[a,/3] = (p, q)\X~f, f3] — — > (p', q)(a", Y a )[y, f3'\ 
where /3 = y/3'. As (p, g)[a, /?] satisfies the formula r](^, r)Z (and due to the unfold- 

ing law also the formula [£,r](£,r)(uZ.[£,r](£,r)Z)), we have that (p' ,q)(a" ,Y a )[y, f3'] — ^ 
(p', q')[a", (3"] [7, /3'] due to some rule (qY q'(3") G A such that (p', q')[a" , f3"} [7, /?'] |= 
fZ.[£,r](£,r)Z. Note that from (p', q)(a" , Y a )Yy, (3'\ no r-action is enabled on the left-hand 
side and there is no -^-action available, so this is indeed the only possibility. This, however, 
means that (p 1 , q')[a", /3"}[y, /?'] = (p', g')[a" 7 , /3"/3'] = (p', g')[a', 0"/3'], and g'/3"/3', 
which implies that (p'a', q'/3"/3') £ R. □ 

Theorem 3.3. Simulation, completed simulation, ready simulation and 2-nested simulation 
preorders and equivalences, as well as bisimulation equivalence are decidable on vPDA and 
all these problems are EXP TIME -complete. 

Proof. EXPTIME-hardness (for all relations between simulation preorder and bisimulation 
equivalence) follows from Theorem 6 in [KM02a]. There the authors give a reduction from 
the acceptance problem of alternating linear bounded automaton (LBA) to bisimilarity 
checking on pushdown automata. For a given alternating LBA they construct two PDA 
processes that have identical stack contents (and hence also their heights) during any bisim- 
ulation game played on them. These processes are bisimilar if and only if the given LBA 
does not accept the input string. The processes are constructed in such a way that Attacker 
can nondeterministically push configurations of the LBA, symbol by symbol, onto the stack 
of the first process. Defender has no other choice than to mimic this behaviour in the sec- 
ond process. If the current control state of the LBA is existential, then it is Attacker who 
selects the next control state. On the other hand, if the current control state is universal, 
Defender is selecting the next control state. This part of the construction uses the so-called 
Defender's Forcing Technique [JS08] . an instance of which is also explained in the proof of 
Lemma 13.71 Attacker wins the game iff a configuration containing an accept control state 
is ever pushed onto the stacks. 

Of course, Attacker can also decide to "cheat" and push symbols that do not in fact 
represent a valid computation of the LBA. To prevent this, a checking phase is added to 
the constructed processes. Defender can at any point decide to enter this phase and what 
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will happen is that the players will pop exactly n + 4 symbols (a control state is a part 
of the configuration) from the stack of both processes, where n is the length of the input. 
During this phase it is verified whether the three top-most symbols on the stack match 
(according to the LBA computation step) with the corresponding three symbols in the 
previous configuration. If not, Defender wins the game, otherwise Attacker is the winner. 
This means that Defender cannot gain anything by entering the checking phase as long 
as Attacker follows a valid computation of the LBA, but also that Attacker cannot gain 
anything by "cheating" as this can be immediately punished by Defender. 

Though conceptually elegant, the technical details of the reduction are rather tedious. 
A full construction can be found in [KM02b] (Theorem 3.3), however, already from the 
presented proof idea it is easy to see that the pushdown processes in the proof can be con- 
structed as visibly pushdown processes because the heights of their stacks are synchronized. 
Note also that, even though Theorem 3.3 in [KM02b] is formulated only for bisimulation, 
Attacker's winning strategy is given by playing only in the left-hand side process and hence 
the EXPTIME-hardness holds for any relation between simulation preorder and bisimula- 
tion equivalence. 

For the containment in EXPTIME observe that all our equivalence checking problems 
were reduced in polynomial time to model checking of a pushdown automaton against a 
formula of modal /z-calculus with alternation depth 1. The complexity of the model checking 
problem for a pushdown automaton with m states and k stack symbols and a formula of 
the size n\ and of the alternation depth n<i is 0((k2 cmnin2 ) U2 )) for some constant c |Wal01] . 
In our case for a given vPDA system with m states and k stack symbols we construct a 
PDA system with 0(m 2 ) states and with 0(k 3 • |.Ac£|) stack symbols (used in the transition 
rules). The size of the //-calculus formula is 0(|^4ct|) (for some equivalences even 0(1)) 
and the alternation depth is 1. Hence the overall time complexity of checking whether two 
vPDA processes pX and qY are equivalent is (A; 3 • \Act\)2°( m2m \ Act \\ □ 



3.2. Visibly Basic Process Algebra. We shall now focus on the complexity of pre- 
order /equivalence checking on vBPA, a strict subclass of vPDA. 

Theorem 3.4. Simulation, completed simulation, ready simulation and 2-nested simulation 
preorders and equivalences, as well as bisimulation equivalence are P-complete on vBPA. 

Proof. We can w.l.o.g. assume that the vBPA processes tested for a given equivalence 
have only three actions. This is due to Theorem 4 in [SrbOl] where a polynomial time 
reduction from bisimulation checking of two BPA processes to bisimulation checking of two 
BPA processes over a singleton action set is given. In order to make the resulting processes 
visibly BPA, we modify in a straightforward way the reduction in [Srb01| by using three 
actions so that we can distinguish between push, pop and internal actions. 

Now by using the arguments from the proof of Theorem 13.31 the complexity of equiva- 
lence checking on vBPA with \Act\ = 3 is therefore 0(k 3 ) where k is the cardinality of the 
stack alphabet (of the reduced processes according to [SrbOlJ) and where m = 1. 

P-hardness of the equivalence checking problems was proved in [SJ05] even for finite 
state systems. □ 
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In fact, for vBPA we can introduce even tighter complexity upper bounds by reducing 
it to preorder/equivalence checking on finite state systems. These results are due to the 
following decomposition property. 

Lemma 3.5. Let A be a vBPA system. We have Xa ~ X'a 1 in A (where X,X' G T and 
a, a' G r* ) if and only if 

(i) X ~ X' in A, and 

(ii) if (X — >* e or X' — >* e) then a ~ a' in A. 

Proof. The validity of this claim can be easily seen by using the game characterization. 
Obviously, in any play of the game starting from Xa and X'a' , if the players ever reach 
either the process a or a' , then it happens simultaneously in one round of the game and 
the players continue from the pair a and a' . This means that conditions (i) and (ii) imply 
that Xa ~ X'a'. On the other hand, if (i) does not hold then Attacker can win by playing 
only from X and X' , never touching a and a' during the game. If (ii) does not hold (i.e., 
X or X' can be removed from the stack and a 9^ a'), then Attacker wins first by playing 
a sequence w from X or X' such that X — e or X' — > e. If Defender could follow this 
sequence in the other process then the players reach the pair a and a' and Attacker wins 
because a ^ a' . □ 

Theorem 3.6. Simulation, completed simulation, ready simulation and 2-nested simulation 
preorders and equivalences, as well as bisimulation equivalence on vBPA are reducible to 
checking the same preorder/equivalence on finite state systems. For any vBPA process A 
( with the natural requirement that every stack symbol appears at least in one rule from A ), 
the reduction is computable in time 0(|A|) and outputs a finite state system with 0{\A\) 
states and 0(|A|) transitions. 

Proof. Let Act = Act c U Act r U Acti be the set of actions and let T be the stack alphabet of 
a given vBPA system A (we shall omit writing the control states as this is a singleton set). 

Let S d = {(Y, Z) e r x T | (X YZ) G A for some X G Y and a G Act c }. We construct 
a finite state transition system T = (T L) {e} U S, Act U {1, 2}, ==>) with new fresh actions 
1 and 2 as follows. For every vBPA rule (X — -> a) G A, we add the transitions: 

• X =^> e if a G Act r (and a = e), 

• X =^> Y if a G Acti and a = Y, 

• X (Y, Z) if a G Act c and a = YZ, 

• (y, Z) =W Y if a G Act c and a = YZ, and 

• (y, Z) ==> Z if a G Act c and a = YZ such that Y — >* e. 

See Figure [2] for an example of the transformation. The intuition is that all transitions 
in A that do not push any extra symbols on the stack are directly mimicked in T. For the 
push transitions we know, thanks to Lemma 13.51 that if Attacker has a winning strategy, 
then it is either by attacking only from the top-most symbols pushed on the stacks, or from 
the rest of the stacks (if the top-most symbols can be eventually popped). Hence Attacker 
has the possibility to choose one of these options by playing the actions 1 or 2 and the 
transition system T remains so finite state. 

Note that the set {Y G T \ Y — >* e} can be (by standard techniques) computed in 
time 0(|A|). Moreover, the finite state system T has 0(|A|) states and 0(|A|) transitions. 
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Figure 2: Transformation of a vBPA into a finite state system 



Because of the decomposition property proved in Lemma [331 f° r anv A, Y G T we have 
that X ~ Y in A iff X ~ V in T. It is easy to check that the fact above holds also for any 
other preorder /equivalence as stated by the theorem. □ 

This means that for preorder /equivalence checking on vBPA we can use the efficient 
algorithms already developed for finite state systems. For example, for finite state transition 
systems with k states and t transitions, bisimilarity can be decided in time 0(t log k) [PT87] . 
Hence bisimilarity on a vBPA system A is decidable in time 0(|A| ■ log |A|). 



3.3. Visibly One-Counter Automata. We will now continue studying preorder /equiva- 
lence checking problems on vlCA, a strict subclass of vPDA and an incomparable class with 
vBPA (w.r.t. bisimilarity). We start by showing PSPACE-hardness of the problems. The 
proof is by reduction from a PSPACE-complete problem of emptiness of one-way alternating 
finite automata over a one-letter alphabet [Hol96] . 

A one-way alternating finite automaton over a one-letter alphabet is a 5-tuple A = 
(Qg, Qvj Qo, S, F) where Q3 and Qv are finite and disjoint sets of existential, resp. universal 
control states, go G Q3 U Q\j is the initial state, FCQ 3 u Q\/ is the set of final states and 
5 : Q3 U Q\/ — > 2 < ^ aU< ^ v is the transition function. We assume without loss of generality that 
\5(q)\ > for all q G Q 3 U Qy 

A computation tree for an input word of the form I n (where n is a natural number and I 
is the only letter in the input alphabet) is a tree where every branch has exactly n + 1 nodes 
labelled by control states from Q3 U Q\/ such that the root is labelled with go an d every 
non-leaf node that is already labelled by some q G Q3 U Qv such that S(q) = {gi, . . . 
has either 

• one child labelled by qi for some i, 1 < i < k, if q G Q3, or 

• k children labelled by q%, if q G Q\/. 

A computation tree is accepting if the labels of all its leaves are final (i.e. belong to F). 

def 

The language of A is defined by L(A) = {I n \ I n has some accepting computation tree }. 

The emptiness problem for one-way alternating finite automata over a one-letter al- 
phabet (denoted as Empty) is to decide whether L(A) = for a given automaton A. The 
problem Empty is known to be PSPACE-complete due to Holzer [Hol96] and it is proved 
by a series of reductions (see also a direct proof by Jancar and Sawa |JS07| ). 

In what follows we shall demonstrate a polynomial time reduction from Empty to 
equivalence/preorder checking on visibly one-counter automata. We shall moreover show 
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the reduction for any (arbitrary) relation between simulation preorder and bisimulation 
equivalence. This in particular covers all preorders/equivalences introduced in this article. 

Lemma 3.7. All relations between simulation preorder and bisimulation equivalence are 
PSPACE-hard on vlCA. 

Proof. Let A = (Qs, Qy, qo, S, F) be a given instance of Empty. We shall construct a visibly 

def def 

one-counter automaton A over the set of actions Act c = {i}, Act r = {d q \ q G Q3 U Qy}, 
Acti = f {a, e} and with control states Q d = {p,p', t} U {q, q', t q \ q G Q3 U Qy} such that 

• if L(A) = then Defender has a winning strategy from pZ and p'Z in the bisimulation 
game (i.e. pZ ~ p'Z), and 

• if L(A) / then Attacker has a winning strategy from pZ and p'Z in the simulation 
preorder game (i.e. pZ p'Z). 

The intuition is that Attacker generates some counter value n in both of the processes pZ 
and p'Z and then switches into a checking phase by changing the configurations to qo(n) 
and q' {n). Now the players decrease the counter and change the control states according 
to the function 5. Attacker selects the successor in any existential configuration, while 
Defender makes the choice of the successor in every universal configuration. Attacker wins 
if the players reach a pair of configurations q(0) and q'(0) where q £ F. 

We shall now define the set of rules A. The initial rules allow Attacker (by performing 
repeatedly the action i) to set the counter into an arbitrary number, i.e., Attacker generates 
a candidate word from L{A). 



pZ 


-UpIZ 


p'Z 


-^p'IZ 


pi - 


pi I 


p'i - 




pZ 


— ► qoZ 


p'Z 


^q'Z 


pl- 




p'i - 


^q'oi 



Observe that Attacker is at some point forced to perform the action a (an infinite play is 
winning for Defender) and switch to the checking phase starting from qo(n) and q'o(n). 

Now for every existential state q £ Q3 with 5(q) = {qi, ■ ■ ■ ,qk} an d for every i G 
{1, . . . , k} we add the following rules. 

T d H IT dq * I 

qi > qi qi ► q\ 

This means that Attacker can decide on the successor qi of q and the players in one round 
move from the pair q(n) and q'(n) into qi(n — 1) and q\{n — 1). 

Next for every universal state q G Qy with 5(q) = {q±, ...,%} and for every i G 
{1, . . . , k} we add the rules 

qi tl q'l t q J 

H t q J 

and for every q, r G Q3 U Qy such that q / r we add 
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q%(n — 1) r(n — 1) <^(n — 1) 



Figure 3: Defender's Choice: 5 £ Qv an d 5(q) = {qi, . . . , q^} 

These rules are more complex and they correspond to a particular implementation of 
the so-called Defender's Forcing Technique (for further examples see e.g. [JS08| ). We shall 
explain the idea by using Figure El Assume that q G Qv and 5(q) = {q±, ...,%}. In the 
first round of the bisimulation game starting from q(n) and q'(n) where n > 0, Attacker is 
forced to take the move q(n) — ^ t(n). On any other move Defender answers by immediately 
reaching a pair of syntactically equal processes (and thus wins the game). Defender's answer 
on Attacker's move q(n) — ^ t(n) is to perform q'(n) — ^ t qi (n) for some i € {1, . . . ,k}. 
The second round thus starts from the pair t(n) and t qi (n). Should Attacker choose to 
play the action d r for some state r such that r 7^ qi (on either side), Defender can again 
reach a syntactic equality and win. Hence Attacker is forced to play the action d qi on which 
Defender answers by the same action in the opposite process and the players reach the pair 
qi(n — 1) and q[{n — 1). Note that it was Defender who selected the new control state qi. 

Finally, for every q € F we add the rule 

qZ qZ . 

It is easy to see that A is a visibly one-counter automaton and we shall now argue for 
the correctness of the reduction. 

Assume that L(A) = 0. We shall argue that Defender has a winning strategy in the 
bisimulation game starting from pZ and p'Z. In the first phase Attacker can generate an 
arbitrary number of the symbols I on the stacks. At some point he has to perform the action 
a and switch to qo(n) and q'o(n) for some n. The players now remove the symbols / one 
by one and change the control states according to the function 5. As L{A) = 0, we know 
that no computation tree can be accepting. This means that whatever choices Attacker 
makes in existential states, Defender can still select suitable successors of universal states 
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such that when the players empty the whole counter and arrive to the pair qZ and q'Z, 
Defender guarantees that q F. Therefore qZ and q'Z are stuck and thus Defender has a 
winning strategy in the bisimulation game. 

On the other hand, if L(A) 7^ 0, we will demonstrate Attacker's winning strategy in the 
simulation preorder game starting from pZ and p' Z. Attacker first forces (by repeatedly 
performing the action i followed by one action a) to reach a pair of states qo(n) and q' (n) 
such that I n £ L(A). In the checking phase, there is an accepting computation tree for 
the word J n and hence Attacker can make existential choices such that whatever universal 
choices Defender makes, the players arrive to the situation qZ and q' Z for some q £ F. Now 
Attacker wins by playing qZ — — > qZ to which Defender has no answer. Notice that during 
the whole game (and particularly during the part where Defender chooses a successor of 
a universal state) Attacker can make his moves only on the left-hand side. Therefore 
pZ %sP' Z as required. □ 

Remark 3.8. The reduction above works also for a strict subclass of one-counter automata 
called one-counter nets (where it is not allowed to test for zero, see e.g. [JKMS04]). It is 
enough to replace the final rule qZ — qZ with two new rules q — — > q and q'l — — > q'l 
for every q £ F. Moreover, a slight modification of the system allows to show PSPACE- 
hardness of simulation preorder checking between one-counter automata and finite state 
systems and vice versa. Hence the previously known DP lower bounds [JKMS04] for all 
relations between simulation preorder and bisimulation equivalence on one-counter nets 
(and one-counter automata) as well as of simulation preorder /equivalence between one- 
counter automata and finite state systems, and between finite state systems and one-counter 
automata are raised to PSPACE-hardness. 

We are now ready to state the precise complexity of (bi)simulation-like preorders/equi- 
valences on visibly one-counter automata. 

Theorem 3.9. Simulation, completed simulation, ready simulation and 2-nested simulation 
preorders and equivalences, as well as bisimulation equivalence are F 'SPACE- complete on 
vlCA. 

Proof. PSPACE-hardness follows from Lemma 13.71 Containment in PSPACE is due to 
Lemma [3.2l and due to [Ser06| where it was very recently showed that model checking modal 
//-calculus on one-counter automata is decidable in PSPACE. The only slight complication 
is that the system used in Lemma 13.21 is not necessarily a one-counter automaton. All 
stack symbols are of the form (I, I) or (Z, Z) which is fine, except for the very top of the 
stack where more different stack symbols are used. Nevertheless, by standard techniques, 
the top of the stack can be remembered in the control states in order to apply the result 
from |Ser06| . □ 

4. Decidability of Regularity Checking 

In this section we ask the question whether a given vPDA process is equivalent to 
some finite state system. Should this be the case, we call the process regular (w.r.t. the 
considered equivalence) . 

Definition 4.1. A vPDA process pX is regular w.r.t. a given equivalence = iff there is a 
finite state process F such that pX = F. 
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Note that we do not fix any particular equivalence = in the definition above. This is 
on purpose as the results in this section are generic and hold for regularity w.r.t. many 
different equivalence notions. 

We shall now give a semantical characterization of regular vPDA processes via the 
property of unbounded popping and a polynomial time decision algorithm to test whether 
a given process satisfies this property. 

Let Act = Act c U Act r U Acti be the set of actions of a given vPDA. We define a 
function h : Act — > {—1,0, +1} by h(a) = +1 for all a E Act c , h(a) = — 1 for all a E Act r , 
and h(a) = for all a E Acti. The function h can be naturally extended to sequences of 
actions by h(a\ . . . a n ) = n } M a «)- Observe now that for any computation pa — > q(3 

we have \(3\ = \a\ + h(w). 

Definition 4.2. Let pX be a vPDA process. We say that pX provides unbounded popping if 
for every natural number d there is a process q(3 and a word w E Act* such that h(w) < —d 
and pX — >* qf3 — — > . 

Lemma 4.3. Let pX be a vPDA process which provides unbounded popping. Then pX is 
not regular w.r.t. trace equivalence. 

Proof. By contradiction. Let pX be trace equivalent to some finite state system F with n 
states. Let us consider a trace w\W2 such that pX qf3 for some qf3 and h{w2) < —n. 
Such a trace must exist because pX provides unbounded popping. The trace w\W2 must be 
executable also in F. However, because F has n states, during the computation on u>2, it 
must necessarily enter twice some state q rep . Because q(3 decreases the stack height by more 
than n symbols during the computation on u>2, we can moreover assume that the second 
occurrence of q rep in F happened when the corresponding pushdown configuration had the 
stack height strictly smaller than in the first occurrence of q rep . This means that such a 
computation on W2 forms a loop on a substring w' of W2 which was observed between the 
first and the second occurrence of q rep and h{w') < 0. 

By repeating the loop under w' (where u>2 = xw'y) in F sufficiently many times + 
\x\ + \y\ + 2 times is surely enough), F can achieve a trace w = wixw'^ Wl ^ + ^ + ^ +2 y with 
h(w) < —1. However, this trace is not possible from pX (any word w such that pX — > 
satisfies that h(w) > —1). This is a contradiction. □ 

Lemma 4.4. Let pX be a vPDA process which does not provide unbounded popping. Then 
pX is regular w.r.t. bisimilarity. 

Proof. Assume that pX does not provide unbounded popping. In other words, there is a 
constant d max such that for every process q(3 reachable from pX it is the case that for any 
computation starting from qf3, the stack height \/3\ cannot be decreased by more than d max 
symbols. This means that in any reachable configuration it is sufficient to remember only 
dmax top-most stack symbols and hence the system can be up to bisimilarity described as 
a finite state system (in general of exponential size). □ 

Theorem 4.5. Let pX be a vPDA process. Then, for any equivalence relation between 
trace equivalence and bisimilarity, pX provides unbounded popping if and only if pX is not 
regular. 



Proof. Directly from Lemma 14.31 and Lemma 14.41 



□ 
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We shall now show that unbounded popping property is decidable in polynomial time 
and we also take a closer look at the exact complexity of regularity checking problems on 
vPDA, vBPA and vlCA. The results are presented in the following three lemmas. 

Lemma 4.6. Regularity checking of vPDA w.r.t. any equivalence between trace equivalence 
and bisimilarity is decidable in deterministic polynomial time. 

Proof. We can check, for every q € Q and Y £ T, whether the regular set post*(qY) n 
pre* ({re \ r £ Q}) is infinite. A nondeterministic finite automaton recognizing this language 
can be constructed in polynomial time because pre* and post* preserve regularity and 
are polynomial time computable (see e.g. [BEM971 [EHRSOOj), and the check whether the 
resulting automaton has an infinite language amounts to searching (in polynomial time) 
for a reachable cycle from which there is a path to some accept state. Observe now that 
if the above mentioned regular language is infinite, then qY has infinitely many different 
successors with higher and higher stacks such that all of them can be completely emptied. 
To see whether a given vPDA process pX provides unbounded popping (and hence it is 
nonregular due to Theorem l4.5p . it is now enough to test whether pX £ pre*(qYT*) for some 
qY satisfying the condition above. The test can be again done in polynomial time [BEM97, 
lEHRSOOj . □ 

Lemma 4.7. Regularity checking of vBPA w.r.t. any equivalence between trace equivalence 
and bisimilarity is P-hard. 

Proof. In order to argue that regularity for vBPA is P-hard we first consider the following 
problem. Let A be a BPA system over the set of actions Act and a stack alphabet V. Let 
X £ T. The language of X recognized by the empty stack is defined as L(X) = {w £ 
Act* | X — ► e}. It is known that the problem whether L(X) = (which we shall call 
BPA-EMPTY) is P-hard, even under the assumption that there are only finitely many 
configurations reachable from the process X, and that every rule Y — — > a in A satisfies 
that \a\ < 2. P-hardness of BPA-EMPTY follows from a simple logarithmic space reduction 
from the Monotone Circuit Value problem (see [GHR951 p. 177] for details). We shall reduce 
BPA-EMPTY to regularity checking on vBPA. Let A together with a stack symbol X £ T, 
which has finitely many reachable states, be a given instance of BPA-EMPTY. We construct 
(in logarithmic space) a vBPA system A' over the partitioned action alphabet Act c = {c}, 
Act r = {r}, Acti = {i,e} and the stack alphabet f = TU {X',B,C,D}, where X', B, C 
and D are fresh stack symbols, such that 

• if L(X) = in A then X' is a regular process in A' w.r.t. bisimilarity, and 

• if L(X) ^ in A then X' is not a regular process in A' w.r.t. trace equivalence. 

We build A' from A as follows: 

• for every (Y a) £ A where \a\ = 2 we add to A' the rule Y — a, 

• for every (Y — —> a) £ A where \a\ = we add to A' the rule Y — — » a, and 

• for every (Y — —> a) £ A where \a\ = 1 we add to A' the rule Y — 1 —> a. 

This does not change the answer to the emptiness problem and the system A' becomes 
visibly BPA. If we now add the following rules to A' 

X' ^XB B C -^CD C -^e D e 

then it is easy to see that X' is regular if and only if L(X) = 0. Obviously, A' is still 
visibly BPA. Hence regularity checking on vBPA is P-hard for any equivalence between 
trace equivalence and bisimilarity. □ 
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Lemma 4.8. Regularity checking of vlCA w.r.t. any equivalence between trace equivalence 
and bisimilarity is NL-complete. 

Proof. NL-hardness follows immediately from the fact that the regularity checking problem 
naturally contains the reachability problem on finite state systems (by a similar construc- 
tion as in Lemma 14. 7\i . The containment in nondeterministic logarithmic space is by the 
observation that a given visibly one-counter process qo(0) in A, where A has n control 
states, provides unbounded popping if and only if there exist two control states p and p' 
such that 

(1) qo(0) p(n±) for some w\ and n\ such that n\ > n and h{w') < n 2 + 2n for every 
prefix w' of wi, 

(2) p(n) — ^> p{n2) for some W2 and n<i such that n<i > n and jw^l < n, 

(3) p(n) p'inz) for some W3 and 713 such that \w^\ < n, and 

(4) p'(n) p'(n^) for some W4 and such that < n and \w^\ < n. 

Note that due to the restrictions on the lengths of the action sequences in points 2., 3. and 
4., no transition is performed from any configuration where the counter value is zero. Hence 
the same computations are possible also for any higher initial counter value. 

The idea is that the process qo(0) provides unbounded popping iff there is a possibility 
to arbitrarily increase the counter value (by means of the cycle from the control state p in 
condition 2.) and then reach a control state p' (condition 3.) in which the counter value can 
be arbitrarily decreased (condition 4.). Initially, condition 1. guarantees that the state p can 
be reached with a sufficiently large counter value. The extra requirement h(w') < n 2 + 2n 
for any prefix w' of w\ in condition 1. is harmless because if the state p{n\) is reachable 
then it is not necessary that the counter value during the computation grows to more than 
n 2 + 2n. To show that, we first observe that we can require that the counter value n\ 
satisfies n < n\ < 2n. For the sake of contradiction, let the control state p be reachable 
from the initial configuration such that the minimal counter value m is greater than 2n. 
We will show that we can then reach p with a counter value strictly smaller (while still at 
least n). Let us consider the suffix of this computation where all configurations have the 
counter values greater or equal to n. Now, in the region of configurations with the counter 
values between n and 2n, there are necessarily two configurations r(n') and r(n") for some 
control state r such that n < n' < n" < 2n and r(n') precedes r(n"). By removing the 
part of the computation between r(n') and r(n") we achieve a computation that reaches 
the control state p with a strictly smaller counter value. 

We can hence assume that p{n\) is reachable such that n < n\ < 2n. Should the 
counter grow to more than n 2 + 2n during this computation then there would necessarily 
appear two configurations with the same counter value (greater than 2n) and the same 
control state and hence we could find a shorter sequence of actions to reach p{n\). 

We shall now argue that the extra restrictions in conditions 2., 3. and 4. are harmless 
too. In condition 2., for the sake of contradiction, assume that from the control state p we 
can reach p with a higher counter value (and never test for zero during the computation) 
such that the shortest sequence of actions to achieve this is strictly longer than n. On such 
a sequence, there are necessarily two configurations r(n') and r(n") with the same control 
state r such that r(n') precedes r(n"). If n' > n" than we can simply remove the part of the 
computation between these two configurations and reach the control state p with a possibly 
even higher counter value than before. If n' < n" then we could have initially selected the 
control state r instead of p, because there is a loop on the control state r which increases 
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the counter value. Similarly, we can show that the restrictions in points 3. and 4. are 
harmless too. 

Finally, we note that the control states p and p' above can be nondeterministically 
guessed and the conditions 1.-4. verified in nondeterministic logarithmic space. Hence the 
regularity checking problem for visibly one-counter automata is in NL. □ 

We finish by a theorem summarizing the complexity results proved in Lemma 14.61 
Lemma 14.71 and Lemma 14.81 

Theorem 4.9. The regularity checking problem w.r.t. any equivalence between trace equiv- 
alence and bisimilarity (in particular also w.r.t. any equivalence considered in this article) 
is P-complete for vPDA and vBPA and NL-complete for vlCA. 

5. Conclusion 

In the following table we provide a comparison of bisimulation, simulation and regu- 
larity (w.r.t. bisimilarity) checking on PDA, 1CA, BPA and their subclasses vPDA, vlCA, 
vBPA. Results achieved in this article are in bold. 







Q s and = s 


~-regularity 


PDA 


decidable 
|Sen05| 
EXPTIME-hard 
|KM02aj 


undecidable 
[GH94J 


? 

EXPTIME-hard 
|KM02al ISrb02j 


vPDA 


in EXPTIME 

EXPTIME-hard 
|KM02aj 


in EXPTIME 

EXPTIME-hard 
|KM02aj 


P-complete 


1CA 


decidable [JanOO] 
PSPACE-hard 


undecidable 
|JMS99j 


decidable 
[JanOO] 
P-hard 
|BGS92l ISrb02] 


vlCA 


PSPACE-complete 


PSPACE-complete 


NL-complete 


BPA 


in 2-EXPTIME 

|BCS95j 
PSPACE-hard 

|Srb02j 


undecidable 
[GH94] 


in 2-EXPTIME 
[BCS961IBCS95) 
PSPACE-hard 
[Srb02| 


vBPA 


in P 

P-hard 
|BCS92j 


in P 

P-hard 
[SJ05| 


P-complete 



In fact, our results about EXPTIME-completeness for vPDA, PSPACE-completeness 
for vlCA and P-completeness for vBPA hold for all preorders and equivalences between 
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simulation preorder and bisimulation equivalence studied in the literature (like completed 
simulation, ready simulation and 2-nested simulation). The results confirm a general trend 
seen in the classical language theory of pushdown automata: a relatively minor restriction 
(from the practical point of view) of being able to distinguish call, return and internal actions 
often significantly improves the complexity of the studied problems and sometimes even 
changes undecidable problems into decidable ones, moreover with reasonable complexity 
bounds. 

All the upper bounds proved in this article are matched by the corresponding lower 
bounds. Here the most interesting result is PSPACE-hardness of preorder /equivalence 
checking on vlCA for all relations between simulation preorder and bisimulation equiva- 
lence. As noted in Remark 13.81 this proof improves also a number of other complexity lower 
bounds for problems on standard one-counter nets and one-counter automata, which were 
previously known to be only DP-hard (DP-hardness is, likely, only a slightly stronger result 
than NP and co-NP hardness). 

Finally, we have proved that for all the studied equivalences, the regularity problem 
is decidable in polynomial time, more precisely, P-complete for vPDA and vBPA and NL- 
complete for vlCA. Checking whether an infinite state process is equivalent to some regular 
one is a relevant question because many problems about such a process can be answered by 
verifying the equivalent finite state system and for finite state systems many efficient algo- 
rithms have been developed. A rather interesting observation is that preorder /equivalence 
checking on vBPA for preorders/equivalences between simulation and bisimilarity can be 
polynomially translated to verification problems on finite state systems. On the other hand, 
the class of vBPA processes is more expressive than the class of finite state processes and 
hence the question whether for a given vPDA (or vlCA) process there is some equivalent 
vBPA process is of a particular interest. Another open problem is whether the unbounded 
popping property for visibly pushdown automata can be generalized so that it characterizes 
regularity also on vPDA that can perform return actions even on the empty stack. 

In the present article we did not consider any weak preorder /equivalences as non- 
observable pushing and popping actions will immediately break the synchronization of the 
stacks of the processes and the visibility constraint would not be usable any more. 
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